Post 9vEWiQ6fcfPMKmVxEe by helby@www.librepunk.club
(DIR) More posts by helby@www.librepunk.club
(DIR) Post #9vEVbqK7eNhjfC6esS by Matter@fosstodon.org
2020-05-20T09:02:23Z
0 likes, 0 repeats
Chrome's implementation of DoH is much better than Firefox's: https://blog.chromium.org/2020/05/a-safer-and-more-private-browsing-DoH.htmlIt doesn't centralize everything. It opportunistically upgrades to DoH with the existing DNS server. Of course this fails open, but it's better than before and does not undo one of the few decentralized things we have left in the web.
(DIR) Post #9vEWiQ6fcfPMKmVxEe by helby@www.librepunk.club
2020-05-20T09:14:45Z
0 likes, 0 repeats
@Matter "A safer and more private browsing experience with Secure DNS ... With Chrome 83"Yes, that's the case with Chrome, safe and private browsing ...Are you serious dude? :ablobcatrave:
(DIR) Post #9vEWqMozijCWSj2Id6 by Matter@fosstodon.org
2020-05-20T09:16:13Z
0 likes, 0 repeats
@helby I'm specifically talking about DoH here. Firefox's implementation of it (just sending everything to Cloudflare by default) is unacceptable.Defaults are the MOST important thing, it doesn't matter in the slightest that you can change the settings for 99% of users.
(DIR) Post #9vEXDytCLqRlBiGKR6 by helby@www.librepunk.club
2020-05-20T09:20:29Z
0 likes, 0 repeats
@Matter If I forgot about that safe and private browsing at all ...What is then default provider in Chrome? Something better than Cloudflare? More safe and private? Bc. if it's like in the picture ... 'may not be available all the time' That's does not sound as safe and private at all.If you change one crap to other crap, it's harad to find out, which smells worse :)
(DIR) Post #9vEXIRAR9kEM36Rzcm by helby@www.librepunk.club
2020-05-20T09:21:17Z
0 likes, 0 repeats
@Matter If I forgot about that safe and private browsing at all ...What is then default provider in Chrome? Something better than Cloudflare? More safe and private? Bc. if it's like in the picture ... 'may not be available all the time' That's does not sound as safe and private at all.If you change one crap to other crap, it's hard to find out, which smells worse :)
(DIR) Post #9vEXYp3q5WdsmrB4Oe by Matter@fosstodon.org
2020-05-20T09:24:15Z
0 likes, 0 repeats
@helby DNS as it works now, takes whatever you have configured in your system (so all apps, not only the browser, work with that).Your system most likely sets the DNS it uses from instructions your router gives it: so most likely your ISP if you didn't change it, but your school can set up its own resolver, your workplace can set up its own, etc. This is great because not all the traffic goes through one server, but since it is not encrypted it's one of the few things left that are in the clear
(DIR) Post #9vEXjfWRtOomOBjPHs by Matter@fosstodon.org
2020-05-20T09:26:11Z
0 likes, 0 repeats
@helby Firefox ignores system settings and by default now routes everything to Cloudflare (encrypted, so only Cloudflare and the NSA black box in their server farm can see it 😉)Chromium will just try to upgrade the existing connection to DoH if possible. I think Firefox should do it like this as well, and maybe in the future refuse to downgrade or whatever.
(DIR) Post #9vEXvUirs5HuMyBAuW by helby@www.librepunk.club
2020-05-20T09:28:19Z
0 likes, 0 repeats
@Matter Oh, did not know, that Firefox now use encrypted DNS to Cloudflare by default. I thought it requires a user action first.
(DIR) Post #9vEY111TCxNVzhVrO4 by Matter@fosstodon.org
2020-05-20T09:29:21Z
0 likes, 0 repeats
@helby for US users at least (so that might be not too bad considering the absolute shite ISPs and regulations over there): https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/
(DIR) Post #9vEZrEoDIQm5lPmGx6 by helby@www.librepunk.club
2020-05-20T09:49:59Z
0 likes, 0 repeats
@Matter hmm, I thought US users are lost long time ago already ;)